radin/my-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e210a6e44ebb8bc93416109b85a19fdb7ea4c71f
my-docs/Web-Servers/Nginx/12-WebSocket.md
RadinPirouz 89a8b2a0df added web socker doc for nginx
2025-11-11 16:39:45 +03:30

145 lines
4.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# WebSocket and Nginx Reverse Proxy Configuration Guide
## 1. Introduction
**WebSocket** is a **bi-directional, full-duplex communication protocol** that operates over a **single TCP connection**. Unlike traditional HTTP, where the client sends a request and the server responds, WebSocket allows both client and server to send messages to each other at any time during the session.
This makes it highly suitable for **real-time applications** such as chat systems, live dashboards, and streaming services.
---
## 2. How WebSocket Works
### Traditional HTTP
In HTTP:
* The client sends a request.
* The server sends a response.
* The connection is then closed (unless using persistent connections).
### WebSocket
In WebSocket:
* The client initiates an **HTTP request** with special headers to **upgrade** the connection from HTTP to WebSocket.
* The server accepts the upgrade and switches protocols.
* Once established, both sides can exchange data freely over a persistent TCP connection.
---
## 3. Establishing a WebSocket Connection
### Client → Server (Upgrade Request)
The WebSocket connection starts as a standard HTTP request with additional headers:
```http
GET /chat HTTP/1.1
Host: example.com
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
Sec-WebSocket-Version: 13
```
### Server → Client (Upgrade Response)
If the server supports WebSocket, it responds with:
```http
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
```
---
## 4. Header Explanation
* **Upgrade:**
Indicates the protocol the client wants to switch to (in this case, `websocket`).
* **Connection:**
Must include the value `Upgrade` to signal the intention to upgrade the connection.
* **Sec-WebSocket-Key:**
A randomly generated Base64-encoded value (16 bytes) sent by the client.
It ensures a unique connection and prevents cross-protocol attacks.
* **Sec-WebSocket-Version:**
Specifies the WebSocket protocol version the client supports.
Most servers use **version 13**.
If not supported, the server responds with:
```http
HTTP/1.1 426 Upgrade Required
Sec-WebSocket-Version: 13
```
* **Sec-WebSocket-Accept:**
Returned by the server as proof that it successfully accepted the handshake.
Its derived from the clients `Sec-WebSocket-Key` using a predefined GUID.
---
## 5. HTTP Version Requirement
WebSocket requires **HTTP/1.1 or higher** because:
* **HTTP/1.0** opens a new TCP connection for each request, leading to high overhead.
* **HTTP/1.1** introduced **persistent connections (Keep-Alive)**, allowing multiple requests to share a single TCP connection.
For example:
* In HTTP/1.0, downloading 4 images would open 4 separate TCP connections.
* In HTTP/1.1, one TCP connection can handle all 4 requests.
WebSocket leverages this concept to maintain a **single long-lived TCP connection** between the client and server.
---
## 6. Enabling WebSocket Support in Nginx
When using Nginx as a **reverse proxy**, the connection upgrade must be explicitly configured.
### Example Configuration
```nginx
location / {
proxy_pass http://backend:8080;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_http_version 1.1;
}
```
### Explanation
* **proxy_pass:**
Forwards the request to the backend service.
* **proxy_set_header Upgrade $http_upgrade;**
Passes the `Upgrade` header from the client to the backend.
* **proxy_set_header Connection "upgrade";**
Ensures Nginx forwards the `Connection: Upgrade` header required for WebSocket.
* **proxy_http_version 1.1;**
Enables HTTP/1.1 support in proxying, required for WebSocket functionality.
---
## 7. Summary
| Feature | Description |
| --------------------- | ----------------------------------------------------------------------------------- |
| Protocol | Bi-directional, full-duplex |
| Base Protocol | HTTP/1.1 |
| Upgrade Mechanism | HTTP 101 Switching Protocols |
| Persistent Connection | Yes |
| Key Headers | Upgrade, Connection, Sec-WebSocket-Key, Sec-WebSocket-Version, Sec-WebSocket-Accept |
| Nginx Requirement | Must enable `proxy_http_version 1.1` and pass upgrade headers |
Reference in New Issue View Git Blame Copy Permalink